SourceForge has been redesigned. Learn more.
Close

Protecting property files

Help
2013-12-06
2014-03-24
  • Koichi Sugimoto

    Koichi Sugimoto - 2013-12-06

    Hello.

    From security's point of view, it is desirable to protect property files since some of them includes password(s).
    Do you have any plan to support something like "Encryption" scheme for the property files?

    Regards,
    Koichi Sugimoto.

     
  • Tomas Gustavsson

    Hi Koichi,

    Password in property files can be protected, or promped for instead of entered in clear. See http://ejbca.org/security.html.

    Cheers,
    Tomas

     
  • Koichi Sugimoto

    Koichi Sugimoto - 2013-12-06

    Hello Tomas,

    Thanks.

    Regards,
    Koichi Sugimoto.

     
  • Todor Todorov

    Todor Todorov - 2014-03-24

    The link "http://ejbca.org/adminguide.html#Auto-activation%20of%20CA%20tokens" seems to be broken.
    I guess, the passwords can be encrypted with "ejbca.sh encryptpwd", where you enter your password and the script will return it encrypted.
    However, my concern is how should I substitute the passwords in the "*.properties" files with the encrypted ones?
    I guess there should be some additional parameter which will tell to EJBCA that the password assigned to a particular parameter is an encrypted one and it will have to decrypt it first before using it.

    For example, in WebLogic the encrypted passwords begin with the encryption algorithm - {AES}<encrypted password="">.

     

Log in to post a comment.